Gramm-Leach-Bliley Act for Financial Aid Val Meyers Associate Director Michigan State University.


GLB Act – who is affected
- Federal Trade Commission Regulation
- Applies to all institutions that act in a banking capacity
- Applies to universities that make loans and/or do loan collections
  - This includes Perkins Loans, institutional loans, and “school-as-lender” FFELP

GLB Act – what it means
- Requires institutions meet standards related to safeguarding customer financial information
- Deadline for compliance was 5/23/03
- Two major areas
  - Privacy of information
  - Safety of information

Privacy of Information
- Universities who abide by FERPA are meeting the criteria to protect information privacy
- FERPA – Family Educational Rights & Privacy Act
  - Protects the privacy of all student educational records, including financial information

FERPA Requirements
- You should have a written policy in place
- Staff should have periodic training
- Exceptions are “need to know” within the institution
  - Audits
  - Law enforcement with proper legal documents
  - Financial servicers or partners (i.e., loan servicers, collection agencies)

FERPA Extended
- To comply with GLB, financial information for non-students must also have privacy protection
- Apply FERPA policies to parents and anyone else for whom you make loans

Safety of Information
- Natural Disaster
- Human Error
- Deliberate Fraud
- Corruption of Data
- Theft of Hardware, Software, Reports
- Unauthorized Access

Safety of Information
- Natural Disaster
  - Backups in remote locations
- Human Error
  - Audit trails, reports
- Deliberate Fraud
  - Separation of Duties

Safety of Information
- Corruption of Data
  - Secured Access
  - Anti-virus software
  - Firewalls & hacker protection

Safety of Information
- Theft of Hardware, Software, Reports
  - Secure during non-business hours
  - Work areas require escort
  - Documents control
  - Shred discards
  - Keep unauthorized visitors away from documents

Safety of Information
- Unauthorized Access
  - Password access
  - Anti-hacker software
  - Policies on who may receive reports and files from your office
  - Privacy shields on computers

Task Force Concerns
- Involve all offices who handle student loan or collections data
  - Financial Aid
  - Bursar/Controller
  - Information Technology/Computer Systems
- Recommended addition
  - University Counsel

Designate a Compliance Office or Officer
- Each institution must designate a compliance office or officer who is responsible for holding and monitoring compliance documents

Risk Assessment Documentation
- List each privacy and safety concern
- Address how your institution minimizes each risk
- Documents should be on file from each office that “touches” the data
- Third party servicer contracts should contain protective language as well

Contract Language
- University Counsel should recommend contract language to be inserted in all university contracts with 3rd party vendors who have access to your student/parent financial loan data
- The deadline to add such language to your contracts was May 2004

Recommended Office Policies
- Place all student-specific documents in shredding bins
- Verify identity of students & parents before sharing data
- Refer 3rd party requests to your designated staff
  - May be Compliance Officer, AD or Director
- Report computer problems promptly

Other Office Policies
- Staff must not share passwords
- Lock or power down computers when leaving work area
- Shield computer screens and data from other students
- Do not leave visitors unattended

Questions & Answers Val Meyers Michigan State University